<?
require_once("conn.php");
$id = $_REQUEST["id"];
$addNewUser = $_REQUEST["addNewUser"];
$saveUser = $_REQUEST["saveUser"];

if($id != ""){
	echo "edit";
	$sql = "select * from member WHERE id='".$id."';";
	$query = mysql_query($sql);
	$row = mysql_fetch_assoc($query);
	?>
	<form action="user.php?t=<?=rand();?>" method="post">
	<table>
		<tr>
			<td>User name : </td>
			<td><input type="hidden" name="user_id" value="<?=$id?>"><?=$row["username"]?></td>
		</tr>
		<tr>
			<td>Password : </td>
			<td><input type="text" name="e_password"></td>
		</tr>
		<tr>
			<td colspan="2"><input type="submit" name="saveUser" value="Edit"></td>
		</tr>
	</table>
	</form>

	<?

}else{
	if($addNewUser != ""){
		$username = $_REQUEST["username"];
		$password = $_REQUEST["password"];

		$sql = "INSERT INTO member(username,password,x_pass,groups,last_update) VALUES('".$username."',md5('".$password."'),'".$password."','13',now());";
		mysql_query($sql);
		$myid = mysql_insert_id();
		$sql = "INSERT INTO pch_user_access(user_id) VALUES('".$myid."');";
		mysql_query($sql);
		?>
		<meta HTTP-EQUIV="REFRESH" content="0; url=index.php">
		<?
	}else if($saveUser != ""){
		$user_id = $_REQUEST["user_id"];
		$e_password = $_REQUEST["e_password"];
		
		$sql = "UPDATE member SET password=md5('".$e_password."'),x_pass='".$e_password."' WHERE id='".$user_id."';";
		mysql_query($sql);
		?>
		<meta HTTP-EQUIV="REFRESH" content="0; url=index.php">
		<?
	}else{
	?>
	<form action="user.php?t=<?=rand();?>" method="post">
	<table>
		<tr>
			<td>User name : </td>
			<td><input type="text" name="username"></td>
		</tr>
		<tr>
			<td>Password : </td>
			<td><input type="text" name="password"></td>
		</tr>
		<tr>
			<td colspan="2"><input type="submit" name="addNewUser" value="Add"></td>
		</tr>
	</table>
	</form>
	<?
	}
}
?>
<div id="showAccess"></div>